Clamd and systemd
Arthur Dent
misc.lists at blueyonder.co.uk
Fri Sep 21 13:54:57 UTC 2012
> >>>>
>>> Is this the default setting for clamd now? clamd_use_jit on Should we
>>> turn this on by default?
>> On a fresh install there is
>>
>> # Bytecode mode # # This option has been set to 'ForceInterpreter' in
>> Fedora due to # security concerns by default. You might need to enable
>> the # 'clamd_use_jit' SELinux boolean after setting this option to the #
>> more efficient 'ForceJIT' value. # # Default: ForceInterpreter
>> #ByteCodeMode ForceInterpreter
>>
>> We didn't change this, but had to change clamd_use_jit --> on.
>>
> Then I would open a bug with clamd.
I have done nothing, but install and configure clamav (scanner + server)
and my logs are full of these:
=======================8<===============================================
LibClamAV Warning: RWX mapping denied: Can't allocate RWX Memory:
Permission denied
LibClamAV Warning: Bytecode: disabling JIT because SELinux is preventing
'execmem'
access.
Run 'setsebool -P clamd_use_jit on'.
=======================8<===============================================
I haven't had a chance to run the setsebool yet (I can't get access to the
machine from work at the moment)
Are there any other bools I should set while I'm at it?
Mark
More information about the users
mailing list